Technology content trusted in North America and globally since 1999
8,589 Reviews & Articles | 67,094 News Posts

There's a new Java exploit lurking around, close to 1 billion Macs and PCs are at risk

Security researcher discovers new Java exploit, nearly 1 billion PCs and Macs could be at risk

By Anthony Garreffa on Sep 27, 2012 10:21 pm CDT - 1 min, 22 secs reading time

We're here again, with another exploit to watch out - this time with security researcher Adam Gowdiak discovering a new zero-day vulnerability in Java. This new bug is said to be in currently-supported versions of Java, such as Java 5, Java 6, and Java 7 and has the ability to allow attackers to install malware on close to 1 billion systems (based on the installation numbers from Oracle themselves).

there_s_a_new_java_exploit_lurking_around_close_to_1_billion_macs_and_pcs_are_at_risk_03

This exploit affects both Macs and PCs, meaning that any Java-powered PC is at risk. Right now, the exploit doesn't pose much threat to the general public, but Gowdiak who is known for finding similar issues within Java, has said that he isn't currently aware of any active attacks that exploit this particular vulnerability.

Gowdiak found the exploit last week and has spent the last few days testing a proof-of-concept before he revealed the exploit to Oracle. Oracle has since confirmed that the vulnerability with Gowdisk, and have said that it will be fixed in a future security update. Oracle haven't given a date on when this update will be pushed out, but the next scheduled update is a while way - October 16.

Gowdiak decided to go public with his discovery, but hasn't exactly said how to find the exploit - hoping it would pressure Oracle to patch it sooner, instead of waiting three more weeks. What I don't understand is, with 1 billion people at risk, it is pretty poor of Oracle to not push something out now, instead of waiting until October 16. Now that this is being posted on mainstream tech sites, hackers are probably rubbing their hands with glee looking for the exploit as we speak.

Anthony Garreffa

ABOUT THE AUTHOR - Anthony Garreffa

Anthony is a long time PC enthusiast with a passion of hate for games to be built around consoles. With FPS gaming since the pre-Quake days, where you were insulted if you used a mouse to aim, he has been addicted to gaming and hardware ever since. Working in IT retail for 10 years gave him great experience with high-end, custom-built PCs. His addiction to GPU technology is unwavering, and with next-gen NVIDIA GPUs about to launch alongside 4K 144Hz HDR G-Sync gaming monitors and BFGDs (65-inch 4K 120Hz HDR G-Sync TVs) there has never been a time to be more excited about technology.

NEWS SOURCE:techspot.com

Related Tags